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Description 

1, Field of the Invention 

[0001] The invention relates to a user authentication 
system and a user authenticating method for a server. 

2. Description of the Related Arts 

[0002] When a server connected to a network line 
such as the Internet is accessed from a terminal appa- 
ratus as a client In order to obtain information, in many 
cases, a user authentication is performed in the server 
In order to exclude the use by unspecific users. In the 
user authentication, a user ID code and a password 
which have been predetermined have ordinarily been 
stored every specific user When the server receives an 
access, whether a user ID code and a password which 
were input to the terminal apparatus coincide with the 
predetermined user ID code and password or not is dis- 
criminated. If the user authentication is completed with- 
out problem for accessing from the terminal apparatus 
by a specific user, the server permits the terminal appa- 
ratus to extract the information. 
[0003] In the network line such as the Internet which 
can be used by an unspecific user through a terminal 
apparatus, however, if security of the server is imperfect, 
there is a possibility that an illegal user other than the 
specific user accesses easily. Particularly, in the case 
of the server owned by an individual, since sufficient 
costs for security cannot be spent, a relatively simple 
and reliable user authentication is needed. 

SUMMARY OF THE INVENTION 

[0004] It is, therefore, an object of the invention to pro- 
vide a user authentication system and a user authenti- 
cating method in which an access from a terminal ap- 
paratus to a server by an illegal user other than a specific 
user can be certainly excluded by a relatively simple 
construction. 

[0005] According to the present invention, there is 
provided a user authentication system having a first ter- 
minal apparatus for connecting to an information server 
through a network line, a second terminal apparatus for 
connecting to the information server by a communica- 
tion line independent of the network line, and an authen- 
tication server located on the network line, for authenti- 
cating a user of the first terminal apparatus when the 
information server is accessed from the first terminal ap- 
paratus through the network line, comprising: first trans- 
mitting means for transmitting a new-issuing request of 
a password from the second terminal apparatus to the 
information server through the communication line; 
password forming means for forming a new password 
in the information server in response to the new-issuing 
request of the password from the first transmitting 
means; second transmitting means for transmitting the 



password formed by the password forming means to the 
second terminal apparatus through the communication 
line; third transmitting means for transmitting the pass- 
word formed by the password forming means to an au- 

5 thentication server through the network line; reception 
notifying means for receiving the password transmitted 
by the second transmitting means in the second terminal 
apparatus and notifying the received password; input 
means for accepting a password from the user in the 

10 first terminal apparatus; fourth transmitting means for 
transmitting the password accepted by the input means 
to the authentication server through the network line; 
and authenticating means for performing the user au- 
thentication in the authentication server in accordance 

15 with a coincidence of at least the password transmitted 
by the third transmitting means and the password trans- 
mitted by the fourth transmitting means. 
[0006] According to the present invention, there is 
provided a user authenticating method in a network sys- 

20 tern having a first terminal apparatus for connecting to 
an information server through a network line, a second 
terminal apparatus for connecting to the information 
server by a communication line independent of the net- 
work line, and an authentication server located on the 

25 network line, for authenticating a user of the first terminal 
apparatus when the information server is accessed from 
the first terminal apparatus through the network line, the 
method comprises the steps of: transmitting a new-is- 
suing request of a password from the second terminal 

30 apparatus to the informationserverthroughthecommu- 
nication line; forming a new password in the information 
server in response to the new-issuing request of the 
password; transmitting the password formed in the in- 
formation server to the second terminal apparatus 

35 through the communication line; transmitting the pass- 
word formed in the information server to the authentica- 
tion server through the network line; receiving the pass- 
word transmitted from the information server in the sec- 
ond terminal apparatus and notifying the received pass- 

40 word; accepting a password from the user in the first 
terminal apparatus and transmitting the accepted pass- 
word to the authentication server through the network 
line; and performing the user authentication in the au- 
thentication server in accordance with a coincidence of 
45 at least the password transmitted from the information 
server and the password transmitted from the first ter- 
minal apparatus. 

[0007] According to the present invention, there is 
provided an information server for connecting to a first 

so terminal apparatus through a network line, and for con- 
necting to a second terminal apparatus by a communi- 
cation line independent of the network line, and for re- 
ceiving an access from the first terminal apparatus 
through the network line, comprising: password forming 

55 means for forming a new password in response to a 
new-password issuing request transmitted from the sec- 
ond terminal apparatus through the communication line 
before the information server is accessed from the first 
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terminal apparatus via the network line; first transmitting 
means for transmitting the password formed by the 
password forming means to the second terminal appa- 
ratus through the communication line; and second 
transmitting means for transmitting the password s 
formed by the password forming means through the net- 
work line to an authentication server for performing an 
authentication with respect to a user of the first terminal 
apparatus after the password is transmitted by the first 
transmitting means. w 
[0008] According to the present invention, there is 
provided an authentication server located on a network 
line in a network system having a first terminal appara- 
tus for connecting to an information server through the 
network line and a second terminal apparatus for con- w 
necting to the information server by a communication 
line independent of the network line, for authenticating 
a user of the first terminal apparatus when the informa- 
tion server is accessed from the first terminal apparatus 
through the network line, comprises: first receiving 20 
means for receiving a new password transmitted from 
the information server through the network line; second 
receiving means for receiving a password transmitted 
from the first terminal apparatus through the network 
line; authenticating means for performing the user au- 25 
thentication in accordance with a coincidence of the 
password received by the first receiving means and the 
password received by the second receiving means; and 
means for guiding an access destination of the first ter- 
minal apparatus to the information server when the user 30 
authentication by the authenticating means is complet- 
ed. 

[0009] According to the present invention, there is 
provided a user authentication system having a first ter- 
minal apparatus for connecting to an information server 35 
through a network line, a second terminal apparatus for 
connecting to the information server by a communica- 
tion line independent of the network line, and an authen- 
tication server located on the network line, for authenti- 
cating a user of the first terminal apparatus an when the 40 
information server is accessed from the first terminal ap- 
paratus through the network line, comprising: password 
forming means for forming a new password In the sec- 
ond terminal apparatus and notifying the new password; 
first transmitting means for transmitting the password 45 
formed by the password forming means to the informa- 
tion server through the communication line; transmitting 
and receiving means for receiving the password trans- 
mitted from the first transmitting means in the informa- 
tion server and, thereafter, transmitting the received so 
password to the authentication server through the net- 
work line; input means for accepting a password from 
the user in the first terminal apparatus; second transmit- 
ting means for transmitting the password accepted by 
the input means to the authentication server through the ss 
network line; and authenticating means for performing 
the user authentication in the authentication server in 
accordance with a coincidence of at least the password 



transmitted by the transmitting and receiving means and 
the password transmitted by the second transmitting 
means. 

[0010] According to the present invention, there is 
provided a user authenticating method in a network sys- 
tem having a first terminal apparatus for connecting to 
an information server through a network line and a sec- 
ond terminal apparatus for connecting to the information 
server by a communication line independent of the net- 
work line, in which an authentication server located on 
the network line authenticates a user of the first terminal 
apparatus when the information server is accessed from 
the first terminal apparatus through the network line, the 
method comprises the steps of: forming a new password 
by the second terminal apparatus and notifying the new 
password; transmitting the password formed by the sec- 
ond terminal apparatus to the information server from 
the second terminal apparatus through the communica- 
tion line; receiving the password transmitted from the 
second terminal apparatus in the information server 
and, thereafter, transmitting the received password to 
the authentication server through the network line; ac- 
cepting a password from the user in the first terminal 
apparatus; transmitting the password accepted in the 
first terminal apparatus to the authentication server 
through the network line; and performing the user au- 
thentication in the authentication server in accordance 
with a coincidence of at least the password transmitted 
from the information server and the password transmit- 
ted from the first terminal apparatus. 
[0011] According to the present invention, there is 
provided an information server for connecting to a first 
terminal apparatus through a network line, for connect- 
ing to a second terminal apparatus by a communication 
line independent of the network line, and for being ac- 
cessed from the first terminal apparatus through the net- 
work line, comprising: receiving means for receiving a 
new password transmitted from the second terminal ap- 
paratus through the communication line before the in- 
formation server is accessed from the first terminal ap- 
paratus via the network line; first transmitting means for 
transmitting the password received by the receiving 
means to the second terminal apparatus through the 
communication line; and second transmitting means for 
transmitting the password formed by password forming 
means through the network line to an authentication 
server for authenticating a user of the first terminal ap- 
paratus after the password is transmitted by the first 
transmitting means. 

[0012] According to the present invention, there is 
provided an authentication server located on a network 
line in a network system having a first terminal appara- 
tus for connecting to an information server through the 
network line and a second terminal apparatus for con- 
necting to the information server by a communication 
line independent of the network line, for authenticating 
a user of the first terminal apparatus when the informa- 
tion server is accessed from the first terminal apparatus 



3 



5 



EP 1 187 419 A2 



6 



through the network line, comprises: first receiving 
means for receiving a new password transmitted from 
the second terminal apparatus through the information 
server and the network line; second receiving means for 
receiving a password transmitted from the first terminal 
apparatus through the network line; authenticating 
means for performing the user authentication in accord- 
ance with a coincidence of the password received by 
the first receiving means and the password received by 
the second receiving means; and means for guiding a 
destination accessed by the first terminal apparatus to 
the information server when the user authentication by 
the authenticating means is completed. 
[0013] According to the present invention, there is 
provided a user authentication system having a first ter- 
minal apparatus for connecting to an information server 
through a network line, a second terminal apparatus for 
connecting to the information server by a communica- 
tion line independent of the network line and an authen- 
tication server located on the network line, for authenti- 
cating a user of the first terminal apparatus when the 
information server is accessed from the first terminal ap- 
paratus through the network line, comprising: first trans- 
mitting means for transmitting a new-issuing request of 
a password in the first terminal apparatus to the authen- 
tication server through the network line; password form- 
ing means for forming a new password in the authenti- 
cation server in response to the new-issuing request of 
the password from the first transmitting means; second 
transmitting means for transmitting the password 
formed by the password forming means to the first ter- 
minal apparatus through the network line; reception no- 
tifying means for receiving the password transmitted by 
the second transmitting means, in the first terminal ap- 
paratus and notifying it; input means for accepting a 
password from the user in the second terminal appara- 
tus; third transmitting means for transmitting the pass- 
word accepted by the input means to the information 
server through the communication line; transmitting and 
receiving means for receiving the password transmitted 
from the third transmitting means in the information 
server and, thereafter, transmitting the received pass- 
word to the authentication server through the network 
line; and authenticating means for performing the user 
authentication in the authentication server in accord- 
ance with a coincidence of at least the password trans- 
mitted by the third transmitting means and the password 
formed by the password forming means. 
[0014] According to the present invention, there Is 
provided a user authenticating method in a network sys- 
tem having a first terminal apparatus for connecting to 
an information server through a network line and a sec- 
ond terminal apparatus for connecting to the information 
server by a communication line independent of the net- 
work line, and an authentication server located on the 
network line, for authenticating a user of the first terminal 
apparatus when the information server is accessed from 
the first terminal apparatus through the network line, the 



method comprises the steps of: transmitting a new-is- 
suing request of a password from the first terminal ap- 
paratus to the authentication serverthrough the network 
line; forming a new password in the authentication serv- 

5 er in response to the new-issuing request of the pass- 
word from the first terminal apparatus; transmitting the 
password formed in the authentication server to the first 
terminal apparatus through the network line; receiving 
the password transmitted from the authentication server 

10 in the first terminal apparatus and notifying the received 
password; accepting a password from the user in the 
second terminal apparatus; transmitting the password 
accepted in the second terminal apparatus to the infor- 
mation serverthrough the communication line; receiving 

is the password transmitted from the second terminal ap- 
paratus in the information server and, thereafter, trans- 
mitting the received password to the authentication 
serverthrough the network line; and performing the user 
authentication in the authentication server in accord- 

20 ance with a coincidence of at least the password trans- 
mitted from the information server and the formed pass- 
word. 

[0015] According to the present invention, there is 
provided an authentication server located on a network 

25 line in a network system having a first terminal appara- 
tus for connecting to an information server through the 
network line and a second terminal apparatus for con- 
necting to the information server by a communication 
line independent of the network line, for authenticating 

30 a user of the first terminal apparatus when the informa- 
tion server is accessed from the first terminal apparatus 
through the network line, comprises: password forming 
means for forming a new password in response to a 
new-password issuing request transmitted from the first 

35 terminal apparatus through the network line before the 
information server is accessed from the first terminal ap- 
paratus through the network line; first transmitting 
means for transmitting the password formed by the 
password forming means to the first terminal apparatus 

40 through the network line; receiving means for receiving 
the password transmitted from the second terminal ap- 
paratus through the information server and the network 
line; authenticating means for performing the user au- 
thentication In accordance with a coincidence of the 

45 password received by the receiving means and the 
password formed by the password forming means; and 
means for guiding a destination accessed by the first 
terminal apparatus to the information server when the 
user authentication by the authenticating means Is com- 

50 pieted. 

[0016] According to the present invention, there is 
provided a user authentication system having a first ter- 
minal apparatus for connecting to an information server 
through a network line, a second terminal apparatus for 
55 connecting to the information server by a communica- 
tion line Independent of the network line, and an authen- 
tication server located on the network line, for authenti- 
cating a user of the first terminal japparatus when the 



4 



EP1 187 419 A2 



information server is accessed from the first terminal ap- 
paratus through the network line, comprising: password 
forming means for forming a new password by the first 
terminal apparatus and notifying the new password; first 
transmitting means for transmitting the password 
formed by the password forming means to the authen- 
tication server through the network line; input means for 
accepting a password from the user in the second ter- 
minal apparatus; second transmitting means for trans- 
mitting the password accepted by the input means to 
the information server through the communication line; 
transmitting and receiving means for receiving the pass- 
word transmitted from the first transmitting means in the 
Information server and, thereafter, transmitting the re- 
ceived password to the authentication server through 
the network line; and authenticating means for perform- 
ing the user authentication in the authentication server 
in accordance with a coincidence of at least the pass- 
word transmitted by the transmitting and receiving 
means and the password transmitted by the second 
transmitting means. 

[0017] According to the present invention, there is 
provided a user authenticating method in a network sys- 
tem having a first terminal apparatus for connecting to 
an information server through a network line and a sec- 
ond terminal apparatus forconnecting to the information 
server by a communication line independent of the net- 
work line, in which an authentication server located on 
the network line authenticates a user of the first terminal 
apparatus when the information server is accessed from 
the first terminal apparatus through the network line, the 
method comprises the steps of: forming a new password 
in the first terminal apparatus and notifying the new 
password; transmitting the password formed in the first 
terminal apparatus to an authentication server through 
the network line; accepting a password from the user in 
the second terminal apparatus; transmitting the pass- 
word received in the second terminal apparatus to the 
information server through the communication line; re- 
ceiving the password transmitted from the second ter- 
minal apparatus in the information server and, thereaf- 
ter, transmitting the received password to the authenti- 
cation server through the network line; and performing 
the user authentication in the authentication server in 
accordance with a coincidence of at least the password 
transmitted from the information server and the pass- 
word transmitted from the first terminal apparatus. 
[0018] According to the present invention, there is 
provided an authentication server located on a network 
line in a network system having a first terminal appara- 
tus for connecting to an information server through the 
network line and a second terminal apparatus for con- 
necting to the information server by a communication 
line independent of the network line, for authenticating 
a user of the first terminal apparatus when the informa- 
tion server is accessed from the first terminal apparatus 
through the network line, comprises: first receiving 
means for receiving a password formed newly and 



transmitted in the first terminal apparatus through the 
network line; second receiving means for receiving the 
password transmitted from the second terminal appara- 
tus through the information server and the network line; 

s authenticating means for performing the user authenti- 
cation in accordance with a coincidence of the password 
received by the first receiving means and the password 
received by the second receiving means; and means for 
guiding a destination accessed by the first terminal ap- 

10 paratus to the information server when the user authen- 
tication by the authenticating means is completed. 

BRIEF DESCRIPTION OF THE DRAWINGS 

« [0019] 



Fig. 1 is a block diagram showing a construction of 
a user authentication system according to the 
present invention; 

Fig. 2 is a sequence diagram showing the operation 
of the user authentication system in Fig. 1 ; 
Fig. 3 is a sequence diagram showing the operation 
of the user authentication system in Fig. 1 ; 
Fig. 4 is a sequence diagram showing the operation 
of the user authentication system in Fig. 1 ; 
Fig. 5 is a sequence diagram showing the operation 
of a sequel portion to the sequence diagram of Fig. 
4; and 

Fig. 6 is a sequence diagram showing the operation 
of the user authentication system in Fig. 1 . 

DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENTS 



20 



25 



30 



35 [0020] Embodiments of the invention will now be de- 
scribed in detail hereinbelow with reference to the draw- 
ings. 

[0021] Fig. 1 shows a construction of a network sys- 
tem to which the present invention is applied. The net- 

40 work system includes a house server 1 and a modem 
2. The home server 1 is an information server provided 
in a house of a user P. The modem 2 is a transmitter/ 
receiver for connecting the home server 1 to a public 
telephone line network 3 and has an automatic recep- 

45 tion responding function. A telephone exchange appa- 
ratus 3a for connecting a telephone line to the modem 
2 is included in the public telephone line network 3. 
[0022] If an ISDN line has already been drawn into the 
house of the user P from the telephone exchange ap- 

50 paratus 3a, a terminal adapter is used in place of the 
modem 2. 

[0023] A relay apparatus 4 of an ISP (Internet Service 
Provider) is connected to the public telephone line net- 
work 3. The user P has a contract with the ISP and can 
55 dial-up connect the home server 1 to the Internet 10 
through the modem 2 and relay apparatus 4. That is, the 
home server 1 is not a server which is always connected 
to the Internet 10. 
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[0024] Although not shown, a router and a DHCP (Dy- 
namic Host Configuration Protocol) server are included 
in the relay apparatus 4. When the home server 1 is con- 
nected to the Internet 10, the DHCP server allocates a 
dynamic IP (Internet Protocol) address to the home 
server 1 . 

[0025] The Internet Service Provider ISP has a WWW 
(World Wide Web) server 5 including memory areas in 
each which the use by a contractor is permitted. The 
user P has display data for forming a Web page held 
into a memory area which is designated by a predeter- 
mined URL (Uniform Resource Locator) of the WWW 
server 5. The Web page is a page for authenticating a 
user by an identification code ID and a password en- 
tered by requesting an input of the identification code ID 
and password for accessing the home server in order to 
permit an access to the home server 1 . That is, the 
WWW server 5 functions as an authentication server. 
[0026] The network system includes a fixed terminal 
apparatus 6 which can be operated by the user P and 
which is connected to the Internet 1 0. The fixed terminal 
apparatus 6 has, for example, a personal computer pro- 
vided in an LAN (Local Area Network) and is connected 
to the Internet 10 through the router (not shown). The 
terminal apparatus 6 can be also solely connected to 
the Internet 1 0. 

[0027] The user P has a portable terminal apparatus 
(hereinafter, referred to as a cellular phone) 11. The user 
P possesses the cellular phone 11 by making a contract 
with a cellular phone provider who runs cellular phone 
business. In the embodiment, although only the cellular 
phone 11 is shown for simplicity of explanation, the in- 
vention isnot limited to it but a plurality of cellular phones 
can be also provided. The cellular phone provider pos- 
sesses a base station apparatus 1 3 and a telephone ex- 
change apparatus 1 4. 

[0028] The base station apparatus 1 3 is an apparatus 
for relaying transmission/reception signals for the cellu- 
lar phone and data communications and is arranged in 
a small region called a cell. Although only one base sta- 
tion apparatus 13 is shown in Fig. 1 , a number of base 
station apparatuses exist actually. A plurality of base 
station apparatuses including the base station appara- 
tus 1 3 form a network in which they are connected by 
each dedicated line 12 around the telephone exchange 
apparatus 1 4 as a center. 

[0029] The telephone exchange apparatus 1 4 is con- 
nected to the public telephone line network 3. it is, there- 
fore, possible to access from the cellular phone 11 to 
the home server 1 through the base station apparatus 

13, dedicated line 12, telephone exchange apparatus 

14, public telephone line network 3, telephone ex- 
change apparatus 3a, and modem 2. 

[0030] The telephone exchange apparatus 3a con- 
nected to the modem 2 executes an offline process, 
without placing the modem 2 online, in response to a 
line connecting request other than a line connecting re- 
quest to the modem 2 by a specific telephone numbers. 



Since the telephone number allocated to the cellular 
phone 11 is included in the specific telephone number, 
the telephone exchange apparatus 3a connects the line 
in response to the line connecting request which is is- 

5 sued from the cellular phone 1 1 and is used for connect- 
ing it to the telephone line which reaches the modem 2. 
It is, consequently, impossible to communicate with the 
home server 1 from a cellular phone other than prede- 
termined cellular phones through the modem 2. The line 

10 connecting request includes at least a telephone 
number of a transmitting source and a telephone 
number of a reception destination 
[0031] In the construction, in order to allow the user 
P to access from the fixed terminal apparatus 6 to the 

15 home server 1 , it is necessary to first obtain a new pass- 
word through the cellular phone 1 1 . This is because it is 
intended to prevent an illegal access to the home server 

I in a online state where the home server 1 is connected 
to the Internet 10. 

20 [0032] Subsequently, the operation for allowing the 
user P to access from the fixed terminal apparatus 6 to 
the home server 1 will now be described with reference 
to the operation of each of the home server 1 , relay ap- 
paratus 4, fixed terminal apparatus 6, and cellular phone 

25 11 shown in Fig. 2. 

[0033] The user P performs the dialing operation of 
the cellular phone 11 in order to communicate with the 
home server 1 from the cellular phone 11, so that the 
cellular phone 11 executes the line connection request- 

30 ing operation (step S11 ). A line connecting request from 
the cellular phone 1 1 reaches the modem 2 through the 
base station apparatus 13, dedicated line 12, telephone 
exchange apparatus 14, public telephone line network 
3, and telephone exchange apparatus 3a (step S12). 

35 [0034] Since the modem 2 transmits a reception sig- 
nal to the home server 1 in response to a call such as 
the line connecting request by an automatic reception 
responding function, a line between the cellular phone 

II and home server 1 is communicably established 
40 through the base station apparatus 13, dedicated line 

12, telephone exchange apparatus 14, public telephone 
line network 3, telephone exchange apparatus 3a, and 
modem 2 (step S13). As mentioned above, since the 
telephone exchange apparatus 3a executes a line con- 
45 nection operation in response to the line connecting re- 
quest from the cellular phone 11 to the telephone line 
which reaches the modem 2, communication between 
the cellular phone 11 and home server 1 can be per- 
formed. 

50 [0035] A state showing that the communication be- 
tween the cellular phone 11 and home server 1 is pos- 
sible becomes a new-issuing request of a password, 
and the home server 1 forms a new password (step S1 4) 
and transmits the formed password to the cellular phone 

55 H(step S15). In step S14, the password is a password 
for accessing the home server and is formed, for exam- 
ple, on the basis of random numbers. 
[0036] The cellular phone 11 displays the password 
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on a display unit upon receiving the password for ac- 
cessing the home server (step S1 6). 
[0037] The home server 1 instructs a iine disconnec- 
tion when a predetermined time elapses after the trans- 
mission of the password (step S1 7). The modem 2 gen- 
erates a disconnecting request in response to the iine 
disconnecting instruction, so that the line between the 
cellular phone 1 1 and home server 1 is disconnected at 
each of the telephone exchange apparatus 3a, tele- 
phone exchange apparatus 14, and base station appa- 
ratus 13 (step S18). 

[0038] The home server 1 further starts the dial-up op- 
eration in order to connect to the Internet 1 0 (step S1 9), 
so that the line connecting request is supplied from the 
home server 1 to the relay apparatus 4 through the mo- 
dem 2, telephone exchange apparatus 3a, and public 
telephone line network 3 (step S20). 
[0039] The relay apparatus 4 executes the user au- 
thenticating operation upon receiving the line connect- 
ing request (step S21 ) and permits the connection to the 
Internet 10 (step S22). In the user authenticating oper- 
ation, although not shown, an identification code ID and 
a password for connection to the Internet 10 are re- 
ceived from the home server 1 and whether they coin- 
cide with an identification code ID and a password which 
have previously been registered or not is discriminated. 
If they coincide, step S22 is executed. In the case of 
permitting the connection to the Internet 10 from the 
home server 1 , the relay apparatus 4 executes the con- 
necting process (step S23). 

[0040] The home server 1 discriminates whether it 
has been connected to the Internet 1 0 or not(step S24). 
If it is connected to the Internet 10, an allocated IP ad- 
dress is obtained from the DHCP server (step S25). 
[0041 ] The home server 1 accesses the WWW server 
5, thereby allowing a communicating state to be estab- 
lished (step S26). The home server 1 instructs to update 
password data for accessing the home server in a mem- 
ory area designated by a predetermined URL (step 
S27), and instructs to update access destination data to 
the home server 1 {step S28). The password data in step 
S27 is data showing the password formed in step S14. 
The access destination data is the IP address obtained 
in step S25. 

[0042] The WWW server 5 rewrites the password da- 
ta and access destination data in the memory area des- 
ignated by the predetermined URL in response to the 
instructions (step S29). 

[0043] The user P executes the operation for access- 
ing the WWW server 5 in order to access the home serv- 
er 1 by using the fixed terminal apparatus 6. Since the 
terminal apparatus 6 is always connected to the Internet 
10, the fixed terminal apparatus 6 accesses the WWW 
server 5 in accordance with the operation of the user P, 
thereby allowing a communicating state to be estab- 
lished (step S30). 

[0044] When the communicating state with the fixed 
terminal apparatus 6 is established, the WWW server 5 



transmits display data in the memory area designated 
by the predetermined URL to the fixed terminal appara- 
tus 6 (step S31 ). The display data is data to form a Web 
page for requesting the input of the identification code 
s ID and password for accessing the home server in order 
to permit the access to the home server 1 . 
[0045] When the fixed terminal apparatus 6 receives 
the display data, the Web page for inputting is displayed 
on a browser screen of a display (not shown) (step S32). 
10 By watching the Web page, the user P inputs the iden- 
tification code ID and password for accessing the home 
server by pressing keys. The password to be input here 
is a new password displayed on the display unit of the 
cellular phone 11. 
is [0046] The fixed terminal apparatus 6 accepts the in- 
put identification code ID and password (step S33) and 
transmits the input identification code ID and password 
to the WWW server 5 (step S34). 
[0047] The WWW server 5 executes the authentlcat- 
20 ing operation with respect to the identification code ID 
and password upon receiving the identification code ID 
and password (step S35). In the authenticating opera- 
tion, whether the received identification code ID and 
password coincide with each data of the identification 
25 code ID and password in the memory area or not is dis- 
criminated. When the authenticating operation is com- 
pleted by coinciding the received identification code ID 
and password with them, the WWW server 5 instructs 
the fixed terminal apparatus 6 to change an access des- 
30 tination for the home server 1 (step S36). The access 
destination is obtained from access destination data in 
the memory area which was updated in step S29 and 
designated by the predetermined URL. 
[0048] When the access destination change Instruc- 
ts tion is received in the fixed terminal apparatus 6, the 
fixed terminal apparatus 6 accesses the IP address of 
the home server 1 shown by the access destination 
change instruction, thereby allowing the communicating 
state to be established (step S37). 
40 [0049] The fixed terminal apparatus 6 and home serv- 
er 1, consequently, enter the communicating state 
through the Internet 10, relay apparatus 4, public tele- 
phone line network 3, telephone exchange apparatus 
3a, and modem 2, and mutually execute the transmls- 
45 sion and reception in accordance with a predetermined 
protocol, so that the data in the home server 1 is sup- 
plied to the fixed terminal apparatus 6 (step S38). 
[0050] When the use of the home server 1 Is finished, 
the user P executes the operation to finish the access 
so for the fixed terminal apparatus 6, and the fixed terminal 
apparatus 6 finishes the communication with the home 
server 1 in accordance with the finishing operation (step 
S39). The home server 1 instructs the relay apparatus 
4 to disconnect from the Internet (step S40). In response 
55 to a disconnecting instruction , the relay apparatus 4 dis- 
connects the line connecting the home server 1 and In- 
ternet 10 (step S41). If there is no access for a prede- 
termined time, the home server 1 can also automatically 
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issues the Internet disconnecting instruction to the relay 
apparatus 4. It is also possible to construct in a manner 
such that the fixed terminal apparatus 6 transmits a no- 
tification indicative of the end of the access and, when 
the notification is received, the home server 1 issues the 
Internet disconnecting instruction to the relay apparatus 
4. 

[0051] Although the home server 1 newly forms the 
password for accessing the home server in the embod- 
iment, the cellular phone 1 1 can also newly form the 
password for accessing the home server. 
[0052] The operation which is executed In the case 
where the cellular phone 11 newly forms the password 
for accessing the home server and the user P accesses 
the home server 1 from the fixed terminal apparatus 6 
will now be described with reference to a sequence di- 
agram of Fig. 3. 

[0053] The user P executes the dialing operation of 
the cellular phone 11 In order to communicate with the 
home server 1 from the cellular phone 1 1 , so that the 
cellular phone 11 executes the line connection request- 
ing operation (step S42). The line connecting request 
from the cellular phone 1 1 reaches the modem 2 through 
the base station apparatus 13, dedicated line 12, tele- 
phone exchange apparatus 14, public telephone line 
network 3, and telephone exchange apparatus 3a (step 
S43). 

[0054] Since the modem 2 transmits a reception sig- 
nal to the home server 1 in response to the call by the 
automatic reception responding function, the line be- 
tween the cellular phone 11 and home server 1 is estab- 
lished through the base station apparatus 1 3, dedicated 
line 12, telephone exchange apparatus 14, public tele- 
phone line network 3, telephone exchange apparatus 
3a, and modem 2 (step S44). 

[0055] Steps S42 to S44 are substantially the same 
as steps S11 to S13 mentioned above. 
[0056] The cellular phone 11 forms a new password 
for accessing the home server after the establishment 
of the line (step S45) and transmits the formed password 
to the home server 1 (step S46). The cellular phone 11 
also allows the password for accessing the home server 
to be displayed onto the display unit (step S47). The us- 
er P is, thus, allowed to know the password for access- 
ing the home server. 

[0057] Upon receiving the password for accessing the 
home server, the home server 1 instructs to disconnect 
the line(step S48). The modem 2 generates a discon- 
necting request in response to the line disconnecting in- 
struction, so that the line between the cellular phone 1 1 
and home server 1 is disconnected at each of the tele- 
phone exchange apparatus 3a, telephone exchange ap- 
paratus 14, and base station apparatus 13 (step S49). 
[0058] Since the subsequent operations are substan- 
tially the same as those in steps S19 to S41 shown in 
Fig. 2, their overlapped description is omitted here. On 
the inputting Web page displayed on the browser screen 
of the display (not shown) of the fixed terminal apparatus 



6 in step S32, the user P inputs the identification code 
ID and password for accessing the home server. The 
password to be input, however, is the password dis- 
played on the display unit of the cellular phone 11 instep 
5 S47. 

[0059] The invention is not limited to the example in 
which the home server 1 and cellular phone 11 do not 
newly form the password for accessing the home server 
but the WWW server 5 can also newly form the pass- 

w word for accessing the home server. 

[0060] The operation which is executed in the case 
where the WWW server 5 can also newly form the pass- 
word for accessing the home server and the user P ac- 
cesses from the fixed terminal apparatus 6 to the home 

15 server 1 will now be described with reference to se- 
quence diagrams of Figs. 4 and 5. 
[0061] The fixed terminal apparatus 6 accesses the 
WWW server 5 in accordance with the operation by the 
user P, thereby allowing the communicating state to be 

20 established (step S50) and transmits a password form- 
ing request to the WWW server 5(step S51). Since the 
fixed terminal apparatus 6 is always connected to the 
Internet 10, after the communicating state between the 
fixed terminal apparatus 6 and WWW server 5 is estab- 

25 lished, the password forming request is supplied from 
the fixed terminal apparatus 6 to the WWW server 5 
through the Internet 10. 

[0062] The WWW server 5 transmits the display data 
for forming the inputting Web page for requesting the 

30 input of the identification code ID and the old password 
in response to the password forming request from the 
fixed terminal apparatus 6 (step S52). 
[0063] When the fixed terminal apparatus 6 receives 
the display data, the Web page is displayed on the 

35 browser screen of the display (step S53). On this Web 
page, the user P inputs the identification code ID for ac- 
cessing the home server and the old password. 
[0064] The fixed terminal apparatus 6 accepts the in- 
put identification code ID and old password (step S54) 

40 and transmits the input identification code ID and old 
password to the WWW server 5 (step S55). 
[0065] When the identification code ID and the old 
password are received in the WWW server5, the WWW 
server 5 executes the authenticating operation with re- 

45 spect to the identification code ID and the old password 
(step S56). In this authenticating operation, whether the 
received identification code ID and old password coin- 
cide with each data of the identification code ID and the 
password in the memory area designated by the prede- 

50 termlned URL or not is discriminated. When the authen- 
ticating operation is completed by coinciding the identi- 
fication code ID and the password with those in the 
memory area, the WWW server 5 forms a new password 
for accessing the home server (step S57) and transmits 

55 the formed password to the fixed terminal apparatus 6 
(step S58). When the identification code ID and the 
password do not coincide with those in the memory ar- 
ea, the WWW server 5 can also request the fixed termi- 
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nal apparatus 6 to input the identification code ID and 
the old password again although not shown. 
[0066] The fixed terminal apparatus 6 allows the 
password for accessing the home server to be displayed 
on the browser screen of the display (step S59). The 
user P, consequently, is allowed to know the password 
for accessing the home server 
[0067] The user executes the dialing operation of the 
cellular phone 1 1 in ordertocommunteate with the home 
server 1 from the cellular phone 11 , so that the cellular 
phone 11 executes the line connection requesting oper- 
ation (step S60). The line connecting request from the 
cellular phone 11 reaches the modem 2 through the 
base station apparatus 13, dedicated line 12, telephone 
exchange apparatus 14, public telephone line network 
3, and telephone exchange apparatus 3a (step S61). 
[0068] Since the modem 2 transmits the reception sig- 
nal to the home server 1 in response to the call by the 
automatic reception responding function, the line be- 
tween the cellular phone 1 1 and home server 1 is estab- 
lished through the base station apparatus 1 3, dedicated 
line 12, telephone exchange apparatus 14, public tele- 
phone line network 3, telephone exchange apparatus 
3a, and modem 2 (step S62). 

[0069] Steps S60 to S62 are substantially the same 
as steps S11 to S13 mentioned above, 
[0070] In the cellular phone 1 1 , the input picture plane 
of the password is displayed on the display unit after the 
establishment of the line (step S63). The user P, conse- 
quently, inputs the new password for accessing the 
home server obtained by the display in step S59 by op- 
erating the operation unit of the cellular phone 11 . The 
cellular phone 11 accepts the password from the oper- 
ation unit input by the user P (step S64) and transmits 
the accepted password to the home server 1 (step S65). 
[0071] The home server 1 instructs the disconnection 
of the line when receiving the password for accessing 
the home server (step S66). The modem 2 generates 
the disconnecting request in response to the line dis- 
connecting instruction, so that the line between the cel- 
lular phone 11 and home server 1 is disconnected at 
each of the telephone exchange apparatus 3a, tele- 
phone exchange apparatus 14, and base station appa- 
ratus 13 (step S67). 

[0072] The home server 1 further starts the dial-up op- 
eration to connect to the Internet 1 0 (step S68), so that 
the line connecting request is supplied to the relay ap- 
paratus 4 through the modem 2, telephone exchange 
apparatus 3a, and public telephone line network 3 (step 
S69). 

[0073] The relay apparatus 4 executes the user au- 
thenticating operation when receiving the line connect- 
ing request (step S70) and, thereafter, permits the con- 
nection to the Internet 1 0 (step S71 ). In the case of per- 
mitting the connection to the Internet 10 from the home 
server 1 , the relay apparatus 4 executes the connecting 
process (step S73). 

[0074] The home server 1 discriminates whether it 



has been connected to the Internet 1 0 or not (step S72). 
If it has been connected to the Internet 1 0, the allocated 
IP address is obtained from the DHCP server (step 
S74). 

5 [0075] The home server 1 accesses the WWW server 
5, thereby allowing the communicating state to be es- 
tablished (step S75), instructs to update the password 
data for accessing the home server in the memory area 
designated by the predetermined URL (step S76), and 

10 instructs the home server 1 to update the access desti- 
nation data (step S77). The password data whose up- 
dating is instructed in step S76 is the data Indicative of 
the password accepted by the cellular phone 11 in step 
S64 by the inputting operation by the user P. The access 

is destination data is the IP address obtained in step S74. 
[0076] The WWW server 5 discriminates whether the 
password formed in step S57 and the password ob- 
tained by the updating instruction in step S76 coincide 
or not (step S78). 

20 [0077] When both passwords coincide, the password 
data and the access destination data in the memory ar- 
ea designated by the predetermined URL are updated 
(step S79). 

[0078] The user P tries to access the WWW server 5 

25 in order to access the home server 1 by using the fixed 
terminal apparatus 6. Since the fixed terminal apparatus 
6 is always connected to the Internet 10, the fixed ter- 
minal apparatus 6 accesses the WWW server 5 in ac- 
cordance with the operation of the user P, thereby al- 

30 lowing a communicating state to be established (step 
S80). In the case of maintaining the communicating 
state of step S59, step S80 is unnecessary. 
[0079] Since the operations in step S80 and subse- 
quent steps are substantially the same as those in steps 

35 S31 to S41 , their overlapped description is omitted here. 
[0080] Since the user identification code ID is authen- 
ticated in step S56, only the password is authenticated 
in step S78. It is, however, possible to transmit the new 
password and identification code ID from the fixed ter- 

40 minal apparatus 6 and authenticate both of the pass- 
word and identification code ID before step S78. 
[0081] The operation which is executed in the case 
where the fixed terminal apparatus 6 newly forms the 
password for accessing the home server and the user 

45 p accesses the home server 1 from the fixed terminal 
apparatus 6 will now be described with reference to a 
sequence diagram of Fig. 6. 

[0082] The fixed terminal apparatus 6 accesses the 
WWW server 5 in accordance with the operation by the 

so user P, thereby allowing the communicating state to be 
established (step S81), forms a password for accessing 
the home server in accordance with the operation by the 
user P (step S82), and allows the password to be dis- 
played on the display (step S83). When step S82 is ex- 

55 ecuted, a predetermined program is executed, for ex- 
ample, a password forming button for accessing the 
home server is displayed on the browser screen of the 
display, and the password for accessing the home serv- 
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er is formed by clicking the password forming button by 
operating a mouse pointer. By the display in step S83, 
the user P is allowed to know the new password for ac- 
cessing the home server. 

[0083] After the execution of step S83, the fixed ter- 
minal apparatus 6 generates a new password forming 
notification to the WWW server 5 (step S84). 
[0084] In response to the new password forming no- 
tification from the fixed terminal apparatus 6, the WWW 
server 5 transmits the display data for forming the input- 
ting Web page for requesting the input of the identifica- 
tion code ID and the old password (step S85). 
[0085] When the fixed terminal apparatus 6 receives 
the display data, the Inputting Web page is displayed on 
the browser screen of the display (step S86). On this 
Web page, the user P inputs the identification code ID 
for accessing the home server and the old password. 
[0086] The fixed terminal apparatus 6 accepts the in- 
put identification code ID and the old password (step 
S87) and transmits the identification code ID and the old 
password to the WWW server 5 (step S88). 
[0087] When the WWW server 5 receives the identi- 
fication code ID and the old password, the WWW server 
5 executes the authenticating operation with respect to 
the identification code ID and the old password (step 
S89). In this authenticating operation, whether the re- 
ceived identification code ID and old password coincide 
with each data of the identification code ID and the word 
password in the memory area designated by the prede- 
termined URL or not is discriminated. When the authen- 
ticating operation is completed by coinciding the identi- 
fication code ID and the password with those in the 
memory, the WWW server 5 requests the fixed terminal 
apparatus 6 to transmit the new password for accessing 
the home server (step S90). 

[0088] The fixed terminal apparatus 6 transmits the 
new password data showing the password formed in 
step S82 to the WWW server 5 in response to the new 
password transmitting request (step S91 ). The fixed ter- 
minal apparatus 6 can also execute the formation and 
display of the new password in steps S82 and S83 just 
after the transmitting request of the new password is re- 
ceived. 

[0089] When the new password data is received in the 
WWW server 5, the WWW server 5 holds it (step S92). 
[0090] Since the operations in step S92 and subse- 
quent steps are substantially the same as those in steps 
S60 to S80 shown in Fig. 5 and in steps S31 to S41 
shown in Fig. 2, their overlapped description is omitted 
here. 

[0091] In step S78, the WWW server 5 discriminates 
whether the password shown by the password data held 
in step S92 and the password obtained by the updating 
instruction in step S76 coincide or not. 
[0092] Although the cellular phone 11 is shown as a 
mobile terminal apparatus in each of the embodiments, 
a fixed terminal apparatus having a telephone function 
can be also used. 



[0093] Although the home server 1 is connected to the 
Internet 1 0 through the relay apparatus 4 by the dial-up 
connecting method, it can be also connected to the In- 
ternet 1 0 directly or through the router from the LAN. 

5 [0094] As mentioned above, according to the inven- 
tion, a new password is issued in order to access from 
the first terminal apparatus to the information server. 
When the first terminal apparatus is notified of the new 
password, the new password is entered from the second 

10 terminal apparatus, or when the second terminal appa- 
ratus is notified of the new password, the new password 
is entered from the first terminal apparatus, and the user 
authentication Is performed by using the input pass- 
word. A situation, therefore, such that the user other 

15 than the specific user accesses from the terminal appa- 
ratus to the information server can be certainly excluded 
by the relatively simple construction. The invention is, 
particularly, effective in the case where the information 
server is connected to the network line such as Internet 

20 or the like by the dial-up connecting method. 



Claims 

25 1. A user authentication system having a first terminal 
apparatus for connecting to an information server 
through a network line, a second terminal apparatus 
for connecting to said information server by a com- 
munication line independent of said network line, 

30 and an authentication server located on said net- 
work line, for authenticating a user of said first ter- 
minal apparatus when said information server is ac- 
cessed from said first terminal apparatus through 
said network line, comprising: 

35 

first transmitting means for transmitting a new- 
issuing request of a password from said second 
terminal apparatus to said information server 
through said communication line; 

40 password forming means for forming a new 

password in said information server in re- 
sponse to the new-issuing request of the pass- 
word from said first transmitting means; 
second transmitting means for transmitting the 

45 password formed by said password forming 

means to said second terminal apparatus 
through said communication line; 
third transmitting means for transmitting the 
password formed by said password forming 

so means to an authentication server through said 

network line; 

reception notifying means for receiving the 
password transmitted by said second transmit- 
ting means in said second terminal apparatus 
55 and notifying the received password; 

input means for accepting a password from the 

user in said first terminal apparatus; 

fourth transmitting means for transmitting the 
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4. 



6. 



7. 



password accepted by said input means to said 
authentication server through said network line; 
and 

authenticating means for performing the user 
authentication in said authentication server in 
accordance with a coincidence of at least the 
password transmitted by said third transmitting 
means and the password transmitted by said 
fourth transmitting means. 

A system according to claim 1, wherein when the 
user authentication by said authenticating means is 
completed, said authentication server guides a des- 
tination accessed by said first terminal apparatus to 
said information server. 

A system according to claim 1 or 2, wherein said 
authentication server has holding means for receiv- 
ing the password transmitted by said third transmit- 
ting means and holding the received password to- 
gether with a user identification code wh ich has pre- 
viously been set and registered. 

A system according to one of claims 1 , 2 or 3, 
wherein said information server is a home server 
which is connected to said network line through a 
relay apparatus by a dial-up connecting method. 

A system according to claim 4, wherein said net- 
work line is a line of the Internet, and 

said relay apparatus is an apparatus of an In- 
ternet service provider. 

A system according to one of claims 1 to 5, wherein 
said second terminal apparatus is a mobile terminal 
apparatus having a telephone function. 

A system according to claim 3, wherein 

said input means accepts the user identifica- 
tion code together with the password, 

said fourth transmitting means transmits the 
password and the user identification code accepted 
by said input means to said authentication server 
through said network fine, and 

said authenticating means executes the user 
authentication by detecting a coincidence of the us- 
er identification code held by said holding means 
and the user identification code transmitted by said 
fourth transmitting means and a coincidence of the 
password transmitted by said third transmitting 
means and the password transmitted by said fourth 
transmitting means. 

A system according to claim 6, wherein said com- 
munication line is provided with a telephone ex- 
change apparatus for inhibiting a line connection to 
said information server from a terminal apparatus 
other than said mobile terminal apparatus to which 
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10. 



a predetermined telephone number has been allo- 
cated. 

A user authenticating method in a network system 
having a first terminal apparatus for connecting to 
an information server through a network line, a sec- 
ond terminal apparatus for connecting to said infor- 
mation server by a communication line independent 
of said network line, and an authentication server 
located on said network line, for authenticating a us- 
er of said first terminal apparatus when said infor- 
mation server is accessed from said first terminal 
apparatus through said network line, said method 
comprises the steps of: 

transmitting a new-issuing request of a pass- 
word from said second terminal apparatus to 
said information server through said communi- 
cation line; 

forming a new password in said information 
server in response to the new-issuing request 
of the password; 

transmitting the password formed in said infor- 
mation server to said second terminal appara- 
tus through said communication line; 
transmitting the password formed in said infor- 
mation server to said authentication server 
through said network line; 
receiving the password transmitted from said 
information server in said second terminal ap- 
paratus and notifying the received password; 
aocepting a password from the user in said first 
terminal apparatus and transmitting the accept- 
ed password to said authentication server 
through said network line; and 
performing the user authentication in said au- 
thentication server in accordance with a coinci- 
dence of at least the password transmitted from 
said information server and the password 
transmitted from said first terminal apparatus. 

An information server for connecting to a first termi- 
nal apparatus through a network line, and for con- 
necting to a second terminal apparatus by a com- 
munication line independent of said network line, 
and for receiving an access from said first terminal 
apparatus through said network line, comprising: 

password forming means for forming a new 
password In response to a new-password issu- 
ing request transmitted from said second termi- 
nal apparatus through said communication line 
before said information server is accessed from 
said first terminal apparatus via said network 
line; 

first transmitting means for transmitting the 
password formed by said password forming 
means to said second terminal apparatus 
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through said communication line; and 
second transmitting means for transmitting the 
password formed by said password forming 
means through said network line to an authen- 
tication server for performing an authentication 
with respect to a user of said first terminal ap- 
paratus after the password is transmitted by 
said first transmitting means. 

11. An authentication server located on a network line 
in a network system having a first terminal appara- 
tus for connecting to an information server through 
said network line and a second terminal apparatus 
for connecting to said information server by a com- 
munication line independent of said network line, for 
authenticating a user of said first terminal apparatus 
when said information server is accessed from said 
first terminal apparatus through said network line, 
comprises: 

first receiving means for receiving a new pass- 
word transmitted from said information server 
through said network line; 
second receiving means for receiving a pass- 
word transmitted from said first terminal appa- 
ratus through said network line; 
authenticating means for performing the user 
authentication in accordance with a coinci- 
dence of the password received by said first re- 
ceiving means and the password received by 
said second receiving means; and 
means for guiding an access destination of said 
first terminal apparatus to said information 
server when the user authentication by said au- 
thenticating means is completed. 

12. A user authentication system having a first terminal 
apparatus for connecting to an information server 
through a network line, a second terminal apparatus 
for connecting to said information server by a com- 
munication line independent of said network line, 
and an authentication server located on said net- 
work line, for authenticating a user of said first ter- 
minal apparatus an when said information server is 
accessed from said first terminal apparatus through 
said network line, comprising: 

password forming means for forming a new 
password In said second terminal apparatus 
and notifying the new password; 
first transmitting means for transmitting the 
password formed by said password forming 
means to said information server through said 
communication line; 

transmitting and receiving means for receiving 
the password transmitted from said first trans- 
mitting means in said Information server and, 
thereafter, transmitting the received password 
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to said authentication server through said net- 
work line; 

input means for accepting a password from the 
user in said first terminal apparatus; 
second transmitting means for transmitting the 
password accepted by said input means to said 
authentication server through said network line; 
and 

authenticating means for performing the user 
authentication in said authentication server in 
accordance with a coincidence of at least the 
password transmitted by said transmitting and 
receiving means and the password transmitted 
by said second transmitting means. 

13. A system according to claim 12, wherein when the 
user authentication by said authenticating means is 
completed, said authentication server guides a des- 
tination accessed by said first terminal apparatus to 
said information server. 

14. A system according to claim 12 or 13, wherein said 
authentication server has holding means for receiv- 
ing the password transmitted by said second trans- 
mitting means and holding the received password 
together with a user identification code which has 
previously been set and registered. 

15. A system according to one of claims 12, 13 or 14, 
wherein said information server is a home server 
which is connected to said network line through a 
relay apparatus by a dial-up connecting method. 

16. A system according to claim 15, wherein said net- 
work line is a line of the Internet, and 

said relay apparatus is an apparatus of an In- 
ternet service provider. 

17. A system according to one of claims 12 to 16, 
wherein said second terminal apparatus is a mobile 
terminal apparatus having a telephone function. 

18. A system according to claim 14, wherein 

said input means accepts the user identifica- 
tion code together with the password, 

said second transmitting means transmits the 
password and the user identification code accepted 
by said input means to said authentication server 
through said network line, and 

said authentication means executes the user 
authentication by detecting a coincidence of the us- 
er identification code held by said holding means 
and the user identification code transmitted by said 
second transmitting means and a coincidence of 
the password transmitted by said transmitting/re- 
ceiving means and the password transmitted by 
said second transmitting means. 
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19. A system according to claim 17, wherein said com- 
munication line is provided with a telephone ex- 
change apparatus for inhibiting a line connection to 
said information server from a terminal apparatus 
other than said mobile terminal apparatus to which 
a predetermined telephone number has been allo- 
cated. 

20. A user authenticating method in a network system 
having a first terminal apparatus for connecting to 
an information server through a network line and a 
second terminal apparatus for connecting to said in- 
formation server by a communication line inde- 
pendent of said network line, in which an authenti- 
cation server located on said network line authenti- 
cates a user of said first terminal apparatus when 
said information server is accessed from said first 
terminal apparatus through said network line, said 
method comprises the steps of: 

forming a new password by said second termi- 
nal apparatus and notifying the new password; 
transmitting the password formed by said sec- 
ond terminal apparatus to said information 
server from said second terminal apparatus 
through said communication line; 
receiving the password transmitted from said 
second terminal apparatus in said information 
server and, thereafter, transmitting the re- 
ceived password to said authentication server 
through said network line; 
accepting a password from the user in said first 
terminal apparatus; 

transmitting the password accepted in said first 
terminal apparatus to said authentication serv- 
er through said network line; and 
performing the user authentication in said au- 
thentication server in accordance with a coinci- 
dence of at least the password transmitted from 
said information server and the password 
transmitted from said first terminal apparatus. 



21 



An information server for connecting to a first termi- 
nal apparatus through a network line, for connecting 
to a second terminal apparatus by a communication 
line independent of said network line, and for being 
accessed from said first terminal apparatus through 
said network line, comprising: 

receiving means for receiving a new password 
transmitted from said second terminal appara- 
tus through said communication line before 
said information server is accessed from said 
first terminal apparatus via said network line; 
first transmitting means for transmitting the 
password received by said receiving means to 
said second terminal apparatus through said 
communication line; and 
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second transmitting means for transmitting the 
password formed by password forming means 
through said network line to an authentication 
server for authenticating a user of said first ter- 
minal apparatus after the password is transmit- 
ted by said first transmitting means. 

22. An authentication server located on a network line 
in a network system having a first terminal appara- 
tus for connecting to an information server through 
said network line and a second terminal apparatus 
for connecting to said information server by a com- 
munication line independent of said network line, for 
authenticating a user of said first terminal apparatus 
when said inf ormation server is accessed from said 
first terminal apparatus through said network line, 
comprises: 

first receiving means for receiving a new pass- 
word transmitted from said second terminal ap- 
paratus through said information server and 
said network line; 

second receiving means for receiving a pass- 
word transmitted from said first terminal appa- 
ratus through said network line; 
authenticating means for performing the user 
authentication in accordance with a coinci- 
dence of the password received by said first re- 
ceiving means and the password received by 
said second receiving means; and 
means for guiding a destination accessed by 
said first terminal apparatus to said information 
server when the user authentication by said au- 
thenticating means is completed. 

23. A user authentication system having a first terminal 
apparatus for connecting to an information server 
through a network line, a second terminal apparatus 
for connecting to said information server by a com- 
munication line independent of said network line 
and an authentication server located on said net- 
work line, for authenticating a user of said first ter- 
minal apparatus when said information server is ac- 
cessed from said first terminal apparatus through 
said network line, comprising: 

first transmitting means for transmitting a new- 
issuing request of a password in said first ter- 
minal apparatus to said authentication server 
through said network line; 
password forming means for forming a new 
password in said authentication server in re- 
sponse to the new-issuing request of the pass- 
word from said first transmitting means; 
second transmitting means for transmitting the 
password formed by said password forming 
means to said first terminal apparatus through 
said network line; 
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reception notifying means for receiving the 
password transmitted by said second transmit- 
ting means, in said first terminal apparatus and 
notifying it; 

input means for accepting a password from the 
user in said second terminal apparatus; 
third transmitting means for transmitting the 
password accepted by said input means to said 
information server through said communication 
line; 

transmitting and receiving means for receiving 
the password transmitted from said third trans- 
mitting means in said information server and, 
thereafter, transmitting the received password 
to said authentication server through said net- 
work line; and 

authenticating means for performing the user 
authentication in said authentication server in 
accordance with a coincidence of at least the 
password transmitted by said third transmitting 
means and the password formed by said pass- 
word forming means. 

24. A system according to claim 23, wherein when the 
user authentication by said authenticating means is 
completed, said authentication server guides a des- 
tination accessed by said first terminal apparatus to 
said information server. 

25. A system according to claim 23 or 24, wherein said 
authentication server has holding means for holding 
the password used in the user authentication by 
said authenticating means together with a user 
identification code which has previously been set 
and registered. 

26. A system according to one of claims 23, 24 or 25, 
wherein said information server is a home server 
which is connected to said network line through a 
relay apparatus by a diai-up connecting method. 

27. A system according to claim 26, wherein said net- 
work line is a line of the Internet, and 

said relay apparatus is an apparatus of an In- 
ternet service provider. 

28. A system according to one of claims 23 to 27, 
wherein said second terminal apparatus is a mobile 
terminal apparatus having a telephone function. 

29. A system according to claim 25, wherein 

said first terminal apparatus Includes second 
input means for accepting a previous password 
when the new-issuing request of the password is 
transmitted by said first transmitting means, 

said first transmitting means transmits the 
previous password accepted by said second input 
means to said authentication server through said 



network line, 

said authentication server includes discrimi- 
nating means for discriminating a coincidence of at 
least the password held by said holding means and 
5 the previous password transmitted by said first 
transmitting means, and allows said password 
forming means to form the new password when the 
coincidence is determined by said discriminating 
means. 

w 

30. A system according to claim 29, wherein 

said second Input means accepts a user iden- 
tification code together with the previous password, 

said first transmitting means transmits the 
15 previous password and the user identification code 
accepted by said input means to said authentication 
server through said network line, and 

said discriminating means discriminates a co- 
incidence of the user identification code held by said 
20 holding means and the user identification code 
transmitted by said first transmitting means and a 
coincidence of the password transmitted by said 
third transmitting means and the password formed 
by said password forming means. 

25 

31 . A system according to claim 28, wherein said com- 
municating line is provided with a telephone ex- 
change apparatus for inhibiting a line connection to 
said information server from a terminal apparatus 

30 other than said mobile terminal apparatus to which 
a predetermined telephone number has been allo- 
cated. 

32. A user authenticating method in a network system 
35 having a first terminal apparatus for connecting to 

an information server through a network line and a 
second terminal apparatus for connecting to said in- 
formation server by a communication line inde- 
pendent of the network line, and an authentication 
40 server located on said network line, for authenticat- 
ing a user of said first terminal apparatus when said 
information server is accessed from said first termi- 
nal apparatus through said network line, said meth- 
od comprises the steps of: 

45 

transmitting a new-issuing request of a pass- 
word from said first terminal apparatus to said 
authentication server through said network line; 
forming a new password in said authentication 
50 server in response to the new-issuing request 

of the password from said first terminal appa- 
ratus; 

transmitting the password formed in said au- 
thentication server to said first terminal appa- 
55 ratus through said network line; 

receiving the password transmitted from said 
authentication server In said first terminal ap- 
paratus and notifying the received password; 
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accepting a password from the user in said sec- 
ond terminal apparatus; 
transmitting the password accepted in said sec- 
ond terminal apparatus to said information 
server through said communication line; s 
receiving the password transmitted from said 
second terminal apparatus in said information 
server and, thereafter, transmitting the re- 
ceived password to said authentication server 
through said network line; and 10 
performing the user authentication in said au- 
thentication server in accordance with a coinci- 
dence of at least the password transmitted from 
said information server and the formed pass- 
word, is 

33. An authentication server located on a network line 
in a network system having a first terminal appara- 
tus for connecting to an information server through 
said network line and a second terminal apparatus 20 
for connecting to said information server by a com- 
munication line independent of said network line, for 
authenticating a user of said first terminal apparatus 
when said information server is accessed from said 
first terminal apparatus through said network line, 25 
comprises: 

password forming means for forming a new 
password in response to a new-password issu- 
ing request transmitted from said first terminal 30 
apparatus through said network line before said 35. 
information server is accessed from said first 
terminal apparatus through said network line; 
first transmitting means for transmitting the 
password formed by said password forming 35 
means to said first terminal apparatus through 
the network line; 36. 
receiving means for receiving the password 
transmitted from said second terminal appara- 
tus through said information server and said 40 
network line; 

authenticating means for performing the user 
authentication in accordance with a coinci- 
dence of the password received by said receiv- 37. 
ing means and the password formed by said 45 
password forming means; and 
means for guiding a destination accessed by 
said first terminal apparatus to said information 
server when the user authentication by said au- 38. 
thenticating means is completed. so 

34. A user authentication system having a first terminal 
apparatus for connecting to an information server 
through a network line, a second terminal apparatus 39, 
for connecting to said inf ormation server by a com- 55 
munication line independent of said network line, 
and an authentication server located on said net- 
work line, for authenticating a user of said first ter- 



minal apparatus when said information server is ac- 
cessed from said first terminal apparatus through 
said network line, comprising: 

password forming means for forming a new 
password by said first terminal apparatus and 
notifying the new password; 
first transmitting means for transmitting the 
password formed by said password forming 
means to said authentication server through 
said network line; 

input means for accepting a password from the 
user in said second terminal apparatus; 
second transmitting means for transmitting the 
password accepted by said input means to said 
information server through said communication 
line; 

transmitting and receiving means for receiving 
the password transmitted from said first trans- 
mitting means in said information server and, 
thereafter, transmitting the received password 
to said authentication server through said net- 
work line; and 

authenticating means for performing the user 
authentication in said authentication server in 
accordance with a coincidence of at least the 
password transmitted by said transmitting and 
receiving means and the password transmitted 
by said second transmitting means. 

A system according to claim 34, wherein when the 
user authentication by said authenticating means is 
completed, said authentication server guides a des- 
tination accessed by said first terminal apparatus to 
said information server. 

A system according to claim 34 or 35, wherein said 
authentication server has holding means for holding 
the password used in the user authentication by 
said authenticating means together with a user 
identification code which has previously been set 
and registered. 

A system according to one of claims 34, 35 or 36, 
wherein said information server is a home server 
which is connected to said network line through a 
relay apparatus by a dial-up connecting method. 

A system according to claim 37, wherein said net- 
work line is a line of the Internet, and 

said relay apparatus is an apparatus of an In- 
ternet service provider. 

A system according to one of claims 34 to 38, 
wherein said second terminal apparatus is a mobile 
terminal apparatus having a telephone function. 



40. A system according to claim 36, wherein 
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said first terminal apparatus includes second 
input means for accepting a previous password, 

said first transmitting means transmits the 
previous password accepted by said second input 
means to said authentication server through said 
network line, 

said authentication server includes discrimi- 
nating means for discriminating a coincidence of at 
least the password held by said holding means and 
the previous password transmitted by said first 
transmitting means, and receives the new pass- 
word transmitted by said first transmitting means 
when the coincidence is determined by said dis- 
criminating means. 

41. A system according to claim 40, wherein 

said second input means accepts a user iden- 
tification code together with the previous password, 

said first transmitting means transmits the 
previous password and the user identification code 
accepted by said input means to said authentication 
server through said network line, and 

said discriminating means discriminates a co- 
incidence of the user identification code held by said 
holding means and the user identification code 
transmitted by said first transmitting means and a 
coincidence of the password held by said holding 
means and the previous password transmitted by 
said first transmitting means. 

42. A system according to claim 39, wherein said com- 
municating line is provided with a telephone ex- 
change apparatus for inhibiting a line connection to 
said information server from a terminal apparatus 
other than said mobile terminal apparatus to which 
a predetermined telephone number has been allo- 
cated. 

43. A user authenticating method in a network system 
having a first terminal apparatus for connecting to 
an information server through a network line and a 
second terminal apparatus forconnecting to said in- 
formation server by a communication line inde- 
pendent of said network line, in which an authenti- 
cation server located on said network line authenti- 
cates a user of said first terminal apparatus when 
the information server is accessed from said first 
terminal apparatus through said network line, said 
method comprises the steps of: 

forming a new password in said first terminal 
apparatus and notifying the new password; 
transmitting the password formed in said first 
terminal apparatus to an authentication server 
through said network line; 
accepting a password from the user in said sec- 
ond terminal apparatus; 
transmitting the password received in said sec- 



ond terminal apparatus to said information 
server through said communication line; 
receiving the password transmitted from said 
second terminal apparatus in said information 

5 server and, thereafter, transmitting the re- 

ceived password to said authentication server 
through said network line; and 
performing the user authentication in said au- 
thentication server in accordance with a coinci- 

w dence of at least the password transmitted from 

said information server and the password 
transmitted from said first terminal apparatus. 

44. An authentication server located on a network line 
15 in a network system having a first terminal appara- 
tus for connecting to an information server through 
said network line and a second terminal apparatus 
for connecting to said information server by a com- 
munication line independent of said network line, for 
20 authenticating a user of said first terminal apparatus 
when said information server is accessed from said 
first terminal apparatus through said network line, 
comprises: 

25 first receiving means for receiving a password 

formed newly and transmitted in said first ter- 
minal apparatus through said network line; 
second receiving means for receiving the pass- 
word transmitted from said second terminal ap- 

30 paratus through said information server and 

said network line; 

authenticating means for performing the user 
authentication in accordance with a coinci- 
dence of the password received by said first re- 

35 ceiving means and the password received by 

said second receiving means; and 
means for guiding a destination accessed by 
said first terminal apparatus to said information 
server when the user authentication by said au- 

40 thenticating means is completed. 
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